Master Subscription Agreement


  1. Definitions

    “Affiliate” means any person that Client controls, is controlled by, or is under common control with (as used in this definition, the term “control” means owning, directly or indirectly, greater than 50% of the equity or beneficial interests of a person or possessing, directly or indirectly, the power to direct or cause the direction of the management or policies of a person, whether through the ability to exercise voting power, by contract or otherwise).

    “App” means any end-user software application made available by Supplier or otherwise for use by Users. Apps may be developed by Supplier or a third party as may be identified on an Order and made available to Client (collectively, “Supplier Apps”) or be developed by Client and uploaded through the Hosted Services (“Client Apps”).

    “Confidential Information” means any information, including information, technical data or know-how relating to discoveries, ideas, inventions, concepts, software (including the Software), equipment, designs, drawings, specifications, techniques, processes, systems, models, data, source code, object code, documentation (including the Documentation), diagrams, flow charts, screen shots, algorithms, research, development, business plans or opportunities, products, product features, projects or products under consideration, procedures, and information related to finances, costs, prices, suppliers, vendors, clients, customers and employees, which is disclosed by either party in connection with this MSA, directly or indirectly, in writing, orally or by drawings or inspection of equipment or software, to the receiving party or any of its Representatives, as defined in Section 7, including the terms of this MSA and any Order, names of Software not yet made public, and any other information, in whatever form, that, due to the nature of the information or the circumstances surrounding its disclosure, a disclosing party would reasonably expect to be kept confidential by the receiving party and any of its Representatives. Confidential Information does not include information that: (i) is or becomes part of the public domain or otherwise available on an unrestricted basis to one or more third parties without breach of this MSA by the receiving party; (ii) was known to or in the possession of the receiving party on a non-confidential basis prior to the disclosure thereof to the receiving party by the disclosing party, as evidenced by written records; (iii) was developed independently by or on behalf of the receiving party, without use of or reference to Confidential Information of the disclosing party; or (iv) is disclosed to the receiving party by a third party without breach of this MSA. The Software may contain valuable trade secrets and Confidential Information of Supplier.

    “Development Use” means use of the Software by Client to design, develop or test new applications for Production Use.

    “Documentation” means all written and electronic information and materials made available by Supplier to Client relating to the access, use, operation or functionality of the Software, including technical and user manuals and operating instructions.

    “Foreign Elements” means viruses, worms, Trojan Horses, time bombs or other alike foreign elements.

    “Hosted Services” means the Software hosted by Supplier for Client.

    “Initial Term” means, unless otherwise specified in an applicable Order, a term of three years from the Effective Date.

    “Node” means a distinct end point as counted and limited by certain of the Software solutions offered by Supplier. If applicable, Client will identify the Node(s) in the Software on an Order. During the term of this MSA, Client may from time to time remove a Node from the Software and identify another Node in its place, provided the total number of purchased Nodes is never exceeded.

    “Order” means the document by which the Software and Support and, if applicable, Professional Services (including a Statement of Work) are acquired by Client. The Order and any subsequent Orders, as the same may be amended or restated from time to time, shall be governed by the terms and conditions of this MSA and are incorporated into this MSA by this reference. To the extent there is a conflict in the terms of an Order and the terms of this MSA, the terms of the Order shall govern and control in all respects.

    “Production Use” means use of the Software by Client for its own internal business purposes, in accordance with the Documentation, and not as a service bureau, application service provider, or other service provided to third parties.

    “Professional Services” means those customized services made available to Client by Supplier or its designated subcontractors, and as more fully described in a Statement of Work, including installation, integration, configuration, consulting and training services.

    “Software” means the object code versions of the software as described on an Order and in the associated Documentation. 

    “Statement of Work” means a document describing professional services to be provided by Supplier to Client. For purposes of this MSA, a Statement of Work shall constitute an “Order”.

    “Subscription” means the License and Support together as described in an Order. 

    “Support” means the technical support for the Software as specified on Attachment I.

    “User” means any individual (i) authorized by Client to log into and use the Software or Hosted Services directly, (ii) invoking the Software or Hosted Services by proxy, for example, through a service account, or (iii) engaging in reporting or reviewing results through the Software or Hosted Services, in each case, as determined by Supplier in its sole discretion. For the avoidance of doubt, any individual involved in the software development or delivery process will be a User. The number of Users associated with each Software or Hosted Services subscription licensed by Client is indicated in the Order(s).
  2. License

    2.1    Subject to the terms and conditions of this MSA, Supplier grants Client a non-exclusive, non-transferable, revocable (in the event of breach), and non-sublicensable (except as set forth herein) license for the term of the applicable Order to use the Software and the Documentation, solely for Client’s Production Use and/or Development Use (the “License”). The License is limited to the applicable licensing metric(s) indicated on the applicable Order. 

    2.2    Client shall ensure that its third party consultants only access and use the Software for Client’s operations provided any such third party consultant(s) have first signed an agreement with Client protecting Supplier’s intellectual property with terms no less stringent than the terms and conditions of this MSA and that Client ensures that each such consultant’s use of the Software complies with the terms of this MSA. For the avoidance of doubt, Client shall be fully liable for any breach of this MSA by Client’s third party consultants.

    2.3    None of Client’s Affiliates may use the Software or the Documentation without the prior written approval of Supplier, which may be granted or denied in Supplier’s sole discretion. Any such use by Affiliates will count toward the stated merics.

    2.4    Client will not, directly or indirectly, (i) sublicense (unless specifically noted otherwise), transfer, lease, rent or otherwise assign its rights in the Software or the Documentation to any third party nor allow any third party to access or use the Software or the Documentation; (ii) modify the Software or the Documentation, create or attempt to create any derivative works of the Software or the Documentation, or translate, reproduce, reverse engineer, re-engineer, de-compile, or disassemble the Software or the Documentation to develop any other computer program or for any other reason; (iii) copy the Software or the Documentation (e.g., for archival, disaster recovery, or training purposes); (iv) alter or remove any of Supplier’s or its licensor’s copyright or proprietary rights notices or legends appearing on or in the Software; or (v) modify, distribute or otherwise use the Software in any manner that causes any portion of the Software that is not already subject to an open source license to become subject to the terms of any open source license, in whole or in part, without the prior written consent of Supplier. The original and all copies of the Software and the Documentation remain the sole property of Supplier, subject to all of the confidentiality and other restrictions set forth in this MSA. Client must use the Software in accordance with applicable law at all times. Client’s transmission of any material with respect to the Software which, in the sole determination of Supplier, is threatening, obscene, libelous, defamatory, discriminatory, or otherwise offensive or illegal will constitute a material breach of this MSA.

    2.5    The License is granted under the condition that the Subscription fee(s) is/are timely paid to Supplier and that Client complies with the other terms of this MSA.

    2.6    Supplier shall deliver the Software electronically (e.g., from an FTP server) unless otherwise agreed between the parties. When applicable, installation of the Software shall be performed by Client in machine-readable form on computers owned or controlled by Client. If necessary to facilitate access to the Software, Supplier will supply default administrator login credentials for Client to assign user names and passwords to all personnel that will access the Software. Client assumes sole responsibility for use of any such credentials and shall notify Supplier immediately if such credentials are, or are suspected to have been, misappropriated. Supplier reserves the right to refuse registration or login of any individual using the Software inappropriately.

    2.7    To the extent the Software involves use by Client or Users of Apps, subject to the terms of this MSA, Client grants Supplier a non-exclusive, royalty-free license during the term of this MSA to do the following: (i) to host, have hosted, copy, display, perform, distribute, have distributed, store, modify, configure, distribute, make available, and otherwise use the Client Apps in connection with the provision of Hosted Services and Client Apps to Users and the maintenance and support thereof; and (ii) to use and display Client’s name, logo, trademarks, service marks and other content provided by Client for the purpose of performing services hereunder.

    2.8    To the extent the Software involves use by Client or Users of Supplier’s Arxan solution, the license granted to Client shall be made pursuant to the terms and conditions set forth in Exhibit A. To the extent the terms set forth in Exhibit A conflict with the terms of this MSA, the terms of Exhibit A shall prevail.
  3. Warranty

    3.1    Supplier warrants that (i) it is entitled to license the Software to Client and (ii) the Software does not contain Foreign Elements at delivery of the Software to the Client. The parties acknowledge and understand that the Software is permitted to contain customary license keys, such as keys limiting the number of Users in accordance with the applicable Orders.

    3.2    For on-premises solutions, Supplier warrants that for a period of 90 days only after first delivery of any specific Software following the initial date of the applicable Order, the Software shall conform in all material respects to the Documentation. For software-as-a-service or hosted Software solutions, Supplier warrants that the Software shall conform in all material respects to the Documentation. Supplier does not warrant that operation of the Software will be uninterrupted or “bug” or error free. If Supplier breaches the applicable foregoing warranty and Client promptly notifies Supplier in writing of the nature of the breach, Supplier shall make commercially reasonable efforts to promptly repair or replace the non-conforming Software without charge. If, after a reasonable opportunity to cure, Supplier does not repair or replace the non-conforming Software, Client must return the Software and Documentation to Supplier, or certify in writing that all copies have been destroyed, and Client will be entitled to a refund of the Subscription fee actually paid to Supplier for the unexpired portion of the then current Initial Term or Extension Term, which shall be Client’s sole and exclusive remedy for breach of the warranty in the above portion of this Section 3.2. 

  4. Fees and Audit

    4.1    Amounts specified in an Order are exclusive of applicable sales, use, VAT, consumption, and any other taxes. Client shall timely pay all such taxes. Client will indemnify Supplier and hold Supplier harmless from and against any such taxes and will promptly reimburse Supplier for the amount of any taxes that Supplier is required to or otherwise pays as a result of Client’s failure to pay such amount.

    4.2    The total non-refundable, non-cancellable Subscription fees and the fees for Professional Services, if any, for each Order will be due and payable within thirty (30) days from the date of Supplier’s invoice without deduction or setoff. Supplier, at its option, may assess finance fees of 1.5% per month or the highest rate allowed by applicable law for any late payments. Additionally, Supplier reserves the right to suspend or terminate Client’s access to the Software without liability to Client if Client fails to cure any instance of non-payment within 15 days of receipt of notice from Supplier. Client agrees to reimburse Supplier for any and all expenses Supplier may incur, including attorneys’ fees, collection fees, and costs of litigation/arbitration, in enforcing the terms of this MSA, and the remedies in this Section are cumulative and in addition to all other rights and remedies available to Supplier under this MSA, by operation of law or otherwise.

    4.3    Subscription fees shall be paid by Client as specified in the applicable Order or, if not so specified, annually in advance.

    4.4    Upon the Initial Term or any Extension Term, Supplier may apply an overall market increase and/or usage increase to the Subscription fee(s) as it so determines.

    4.5    Client agrees that, from time to time, upon Supplier’s request during or after any Subscription period, Client shall promptly (i) provide Supplier in writing with a summary of its usage of the Software, including an average and maximum number of Users, Nodes, or other metrics as described in any Order and such other information, and (ii) take, and permit Supplier to take, such other actions (e.g., related to any future product functionality) as Supplier may reasonably request from time to time related to monitoring compliance with this MSA and any license granted to Client hereunder. Client shall immediately owe and pay fees associated with usage in excess of the Software amounts licensed and promptly (and in no event more than 15 days after becoming aware thereof) remedy any underpayments revealed during an audit both retroactively as well as prospectively for the remainder of the Subscription term.
  5. Support and Professional Services

    5.1 Support is provided pursuant to the Support terms specified in Attachment I and incorporated herein by reference. Support will only be provided as part of the Subscription.

    5.2    Supplier will provide Support during the term of the applicable Order under the condition that the applicable Subscription fees are timely paid to Supplier and Client otherwise complies with the terms of this MSA.

    5.3    Supplier or its designated subcontractors shall make available to Client certain Professional Services if and as specified in an Order. Such Professional Services shall be subject to the terms and conditions of this MSA, including the additional terms set forth in Attachment II 
  6. Intellectual Property; Indemnification

    6.1    Except for the limited license rights granted pursuant to this MSA, title, ownership rights and all intellectual property rights in and to the Software and Documentation shall remain the sole and exclusive property of Supplier and its licensors. Supplier’s licensors are intended third party beneficiaries of this MSA.

    6.2    Supplier will defend Client against any third party claim brought against Client that Client’s use of the Software in accordance with the terms herein infringes or misappropriates any patent subsisting, copyright, trademark or trade secret, provided however that Client with regard to any such claims: (i) promptly notifies Supplier; (ii) reasonably cooperates with Supplier; and (iii) allows Supplier to control the defense and all related settlement negotiations. Supplier will pay such damages or costs as are finally awarded by a court of competent jurisdiction against or agreed to by Supplier in settlement for such claim. Client will have the right to participate with Supplier in the defense or appeal of any such claim, at Client’s own expense (such expense not being indemnified by Supplier), but Supplier will have sole control and authority with respect to any such defense, compromise, settlement, appeal or similar action, provided that Supplier obtains Client’s prior consent to any settlement that requires Client to make any admission of fault or pay any amounts in connection with such settlement. 

    6.3    If an injunction is sought or obtained against Client’s use of the Software as a result of a third party infringement claim, Supplier may, at its sole option and expense, (i) procure for Client the right to continue using the affected Software, (ii) replace or modify the affected Software with functionally equivalent software so that it does not infringe, or, if either (i) or (ii) is not commercially feasible, (iii) terminate the Subscription and refund the Subscription fee received from Client for the affected Software less a usage charge based on a 12-month amortization schedule.

    6.4    Supplier shall have no liability for any third party claim of infringement based upon: (i) use of other than the then current, unaltered version of the applicable Software, unless the infringing portion is in the then current, unaltered release; (ii) use, operation or combination of the applicable Software with non-Supplier programs, data, equipment or documentation if such infringement would have been avoided but for such use, operation or combination; or (iii) any third party software. 

    6.5    Client agrees to release, indemnify and hold Supplier, its Affiliates and licensors, and each of their respective officers, employees, directors, managers, partners, and agents harmless from any and all losses, damages, expenses, including reasonable attorneys’ fees, rights, claims, actions of any kind arising out of or relating to any third party claims arising from or related to (i) Client’s or any User’s breach of Section 2 of this MSA or (ii) any allegation that materials (a) maintained on Client or any Users’ behalf or (b) uploaded to the Software or used in connection with the Software infringe or misappropriate any patent subsisting, copyright, trademark or trade secret.

    6.6    The remedies set forth in this Section 6 constitute the entire liability of Supplier and Client’s sole and exclusive remedy with respect to any third party claims of infringement of such intellectual property rights. IT IS CLIENT’S RESPONSIBILITY TO ENTER INTO ALL NECESSARY ARRANGEMENTS WITH OTHER THIRD PARTIES (E.G., DEVICE SUPPLIERS) AND TO COMPLY WITH THOSE ARRANGEMENTS AND ANY OTHER APPLICABLE LIMITATIONS AND REQUIREMENTS OF SUCH OTHER THIRD PARTIES, AND SUPPLIER SHALL HAVE NO LIABILITY FOR CLIENT’S FAILURE TO DO SO.
  7. Confidentiality

    7.1    Each party that receives Confidential Information of the other party agrees that, unless the disclosing party gives its prior written authorization, the receiving party shall not: (i) use such Confidential Information other than for the purposes of this MSA; or (ii) disclose any such Confidential Information to any third party except those directors, managers, officers, employees, subcontractors, consultants, representatives and agents of the receiving party (collectively, the “Representatives”) who are required to have such Confidential Information in order to carry out the purposes of this MSA and who have signed a non-disclosure agreement or are otherwise bound by confidentiality obligations at least as restrictive as the provisions of this MSA. The receiving party shall prevent the unauthorized use, disclosure, dissemination or publication of Confidential Information by itself and by its Representatives using at least the same degree of care that the receiving party uses to protect its own confidential information of a similar nature, but in no event less than a commercially reasonable degree of care.

    7.2    The obligations of the parties under this Section 7 shall not apply to the extent of any disclosure required pursuant to a duly authorized subpoena, court order, or government authority, provided that the receiving party has provided, to the extent permitted by applicable law, prompt notice to, and full cooperation with, the disclosing party prior to such disclosure so that such party may seek a protective order or other appropriate remedy to protect against disclosure. 

    7.3    Upon request by the disclosing party, the receiving party will return any portion of the Confidential Information that the receiving party no longer has the right to use, including all copies of that Confidential Information, and all abstracts, summaries or documents produced using that Confidential Information, or, if so directed by the disclosing party in writing, the receiving party will destroy all copies of that Confidential Information (including abstracts, summaries or documents produced using that Confidential Information) and will certify to the disclosing party in writing that all copies, abstracts, summaries, and documents have been destroyed.

    7.4    Client agrees that Supplier may analyze data, information or material that is submitted to the Software or Hosted Services by or on behalf of Client in the course of using such solution, together with data of other clients of Supplier, to create anonymized and aggregated internal reports or statistics that do not identify Client or any individual for Supplier to improve its products and services. 

    7.5    Any breach of the confidentiality obligations set forth in this Section would constitute a material breach of this MSA, which the parties acknowledge may cause irreparable harm to the disclosing party, leaving it without an adequate remedy at law. As such, any such breach shall entitle the disclosing party to seek injunctive relief in addition to all other remedies, without necessity of posting of a bond or other security in connection therewith.

    7.6    This Section 7 will remain in effect during the term of this MSA and for a period of five (5) years following the termination of this MSA or the applicable Order and, in the case of Confidential Information that constitutes a trade secret under applicable law, for so long as such Confidential Information remains a trade secret.
  8. Limitation of Liability; Independent Contractors

    8.1    Except for Supplier’s: (i) willful breach of a material term of this MSA; or (ii) breach of its confidentiality obligations under Section 7, Supplier’s aggregate liability for damages (direct or otherwise) concerning performance or non-performance by Supplier or in any way related to or arising from or under this MSA, and regardless of whether the claim for such damages is based in contract, tort, strict liability, or otherwise, shall not exceed the portion of the fees received by Supplier from Client for the affected Software for the Subscription period (up to a period of 12 months) preceding the occurrence of such liability.

    8.2    Notwithstanding anything to the contrary, in no other event shall Supplier be liable to Client or any other person for lost data, lost profits, lost revenues, loss of data, loss of use, loss of business, or any indirect, incidental, special, punitive, exemplary or consequential damages, whether or not foreseeable, related to or arising from or under this MSA.

    8.3    Client is solely responsible for Client Apps and will not use the Software or Hosted Services to: (i) upload any Client App that (a) infringes any intellectual property or other proprietary rights of any party; (b) Client does not have a right to upload under any applicable law or under contractual or fiduciary relationships; (c) contains software viruses designed to interrupt, destroy or limit the functionality of any computer software or hardware; (d) is unlawful, harmful, threatening, abusive, harassing, tortious, excessively violent, defamatory, vulgar, obscene, pornographic, libelous, or invasive of another’s privacy; or (e) in the sole judgment of Supplier, is objectionable or which restricts or inhibits any other person from using or enjoying the Software or the Hosted Services, or which may expose Supplier or its users to any harm or liability of any type; (ii) disobey any requirements, procedures, policies or regulations of networks connected to the Software; or (iii) violate any applicable law or regulations.

    Client Apps may need to be signed with an issued certificate in order to be installed on certain devices. In such cases, Client will either (i) sign the Client App itself with its own issued certificate; or (ii) request Supplier to sign the Client App with the Client issued certificate. Supplier provides the foregoing services merely as a convenience and is not responsible for any errors or liability arising from such services.

    Under no circumstances will Supplier be liable in any way for Client Apps, including for any errors or omissions in any content, or for any loss or damage of any kind incurred as a result of the use of any content uploaded or emailed in connection with or via Hosted Services. Client acknowledges that Supplier and its designees will have the right (but not the obligation) in their sole discretion to refuse or remove any Client App that is available in connection with or via Hosted Services, including for violations of this MSA.
  9. Term and Termination

    9.1    The term of this MSA shall commence upon Client’s acceptance thereof (the “Effective Date”) and shall continue until such date that the MSA is terminated in accordance with its terms, including by mutual written agreement of the parties. Subject to the foregoing, the term of this MSA and any associated Orders shall automatically extend for a one-year extension term (each, an “Extension Term”) at the end of the Initial Term or, as applicable, any Extension Term.

    9.2    Client will continue to receive the Subscription for any Extension Term of an Order in exchange for Supplier’s then-current fees (as the same may be adjusted from time to time in Supplier’s sole discretion), unless Client provides written notice of termination of an Order to Supplier at least ninety (90) days prior to the Subscription ending date. Unless otherwise expressly provided in an Order, any extension fees shall be due and payable to Supplier no later than thirty (30) days prior to the start of the applicable Extension Term.

    9.3    Either party may terminate any or all existing Order(s) immediately by providing written notice to the other party of such termination if the other party: (i) breaches any material provision of this MSA (e.g., failure to pay when due any sum owed); (ii) is adjudicated as bankrupt or makes an assignment for the benefit of creditors, or if a receiver, liquidator, administrator or a trustee is appointed for such party’s affairs or any analogous procedure is initiated; (iii) if a party is dissolved; or (iv) if a party breaches its Section 7 (Confidentiality) obligations. None of the foregoing termination for cause rights shall be valid if the breaching party is able to cure such breach within thirty (30) days (or ten (10) days in the case of non-payment) after the non-breaching party delivers notice of such breach to the breaching party. In addition, either party may terminate an Order at the end of the Initial Term or an Extension Term thereof by giving the other party at least 90 days’ prior written notice before the beginning of the next Extension Term and, further.

    9.4    If this MSA or any Order is terminated, for any reason whatsoever, Client must promptly (and, in all cases, no more than 30 days after such termination), at Supplier’s direction, destroy or return all affected Software and Documentation and certify in writing that it has complied with this Section 9.4.

    9.5    All provisions and obligations of this MSA or any Order which by their nature should survive any termination of this MSA or an Order will survive any such termination, including provisions and obligations with regard to accrued rights to payment, confidentiality obligations, warranty disclaimers, limitations of liability, engaging of third parties and liability for taxes and premiums.
  10. Miscellaneous

    10.1    Force Majeure. Supplier shall not be liable for, nor shall Supplier be considered in breach of this MSA due to, any failure to perform its obligations under this MSA as a result of a cause beyond its reasonable control, including any act of God or a public enemy, terrorist act, act of any military, civil or regulatory authority, change in any law or regulation, epidemic, pandemic, freight embargo, strike, fire, flood, earthquake, storm or other like event, disruption or outage of communications, power or other utility, labor problem, unavailability of supplies, introduction of a virus, worm or similar disabling code in the Software by Client or a third party or any other cause, whether similar or dissimilar to any of the foregoing.

    10.2    Assignment. Client may not assign this MSA or any Order without Supplier’s prior written consent. 

    10.3    Severability. If any part of this MSA is held to be unenforceable, in whole or in part, such holding will not affect the validity of the other parts of this MSA.

    10.4    Waiver. Any failure by either party to detect, protest, or remedy any breach of this MSA will not constitute a waiver or impairment of any such term or condition, or the right of such party at any time to avail itself of such remedies as it may have for any breach or breaches of such term or condition. A waiver can only occur pursuant to the prior written express permission of an authorized officer of the other party.

    10.5    Notices. All notices, instructions, requests and other communications required or permitted under this MSA shall be in writing and shall be delivered in person or sent by either commercial overnight courier or certified or registered mail, return receipt requested, or electronic transmission such as electronic mail, to either party at the respective addresses set forth on the applicable Order or to such other address as specified in writing by a party to the other party in accordance with the terms of this Section. All such notices, instructions, requests and other communications shall be deemed effective (i) immediately if delivered in person; (ii) the next business day if delivered by commercial overnight courier; (iii) three business days after deposit with the United States Postal Service, postage prepaid, if delivered by certified or registered mail; or (iv) when delivered, if delivered by electronic transmission such as electronic mail.

    10.6    Open Source Software. The Software may contain open source software (“OSS”) licensed under such OSS’s own applicable license terms. Any such OSS listed under this MSA is listed only for Client’s convenience and solely for information purposes and, if licensed, is licensed to Client only under the terms set forth in the corresponding open source license, which Client may find on the Internet at the designated URL, or in the header files of such software. Notwithstanding the foregoing, this MSA shall not prevent or restrict Client from exercising additional or different rights referring to any free, open source code, documentation or materials contained in or provided with the Software in accordance with the applicable free, OSS license for such code, documentation and materials, which can be found in the corresponding technical documentation; provided that Client agrees not to apply Software to Client Apps containing GPL (or LGPL or any similar open-source license) software or involving any copyleft arrangement. Supplier is not obligated to provide any maintenance or support for the OSS or any Software that has been modified pursuant to an OSS license.

    10.7    Export Restrictions. Export laws and regulations of the United States and any other applicable jurisdictions apply to the Software. Client agrees that such applicable export control laws govern Client’s use of the Software and agrees to comply with all such applicable export laws and regulations (including “deemed export” and “deemed re-export” regulations). Client agrees that no data, information or Software will be exported, directly or indirectly, in violation of these laws, or will be used for any purpose prohibited by these laws, including nuclear, chemical, or biological weapons proliferation, or development of missile technology. Client represents and warrants that Client is not: (i) located in a country that is subject to a U.S. Government embargo (e.g., an embargoed country as designated by the Office of Foreign Asset Control of the U.S. Treasury Department), or that has been designated by the U.S. Government as a “terrorist supporting” country; or (ii) listed on any U.S. Government list of prohibited or restricted parties (e.g., the prohibited persons list maintained by the Bureau of Industry and Security of the U.S. Department of Commerce). 

    10.8    Software Plugins. The Software indicated in the Order is provided with all commercial plugins Supplier has available and listed at no charge on the Effective Date. Such list of plugins may change at the discretion of Supplier.  Supplier may, in its sole discretion, charge a subscription fee to Client for other requested plugins or for third party plugins as it so chooses. Supplier will provide Client with at least ninety (90) days notice if it decides to charge for a plugin that was previously provided at no charge to the Client.

    10.9    Change of Control. Client shall provide prompt written notice to Supplier if Client plans to become or becomes subject to a Change of Control (as defined below).The parties shall determine in good faith whether the Change in Control necessitates or otherwise should result in (i) an increase in the actual number of Users, Nodes, or other applicable licensing metrics and/or (ii) a subsequent, mutually agreed upon, amendment of this MSA. For the avoidance of doubt, unless otherwise mutually agreed upon by the parties, Client’s Affiliates, subsidiaries, or parent entities are not permitted to use the Software after a Change of Control. “Change of Control” means a situation where either: (i) another person acquires, directly or indirectly, all or substantially all of the assets of the Client or the majority, or a controlling portion, of the outstanding equity securities of the Client through a merger, reorganization, or otherwise, or (ii) where the Client acquires additional companies, business units, or other entities that increases the licensing metrics of the Software. Any License granted pursuant to this MSA is a license scoped to the size and scale of Client’s particular enterprise.

    10.10    Privacy and Data Protection. The parties agree that the Data Protection Agreement (“DPA”) sets forth their obligations with respect to the processing and security of Client Data and Personal Data, as those terms are defined in the DPA.

    10.11    Counterparts. This MSA, if applicable, and any Order, may be executed in multiple counterparts, each of which when so executed shall be deemed to be an original, and all such counterparts shall, together, constitute one instrument. Signatures to this MSA or any Order may be exchanged by facsimile, portable document format or other similar electronic format, and all signatures exchanged in such manner shall constitute and be deemed original signatures.

    10.12    Governing Law. This MSA shall be governed by the laws of the State of Delaware, which governing law shall control without giving effect to conflict of law principles and excluding the U.N. Convention on Contracts for the International Sale of Goods, even where adopted as a part of the domestic law of the country whose law governs this MSA. Any suit or proceeding relating to this MSA shall be brought exclusively before the state or federal courts located in the State of Delaware.

    Any disputes arising in countries not recognizing or not executing court verdicts from the jurisdiction Supplier set forth in Section 10.12 shall be finally settled under the Rules of Arbitration of the International Chamber of Commerce (“ICC”). Such disputes or claims shall be settled by simplified arbitration arranged by ICC in accordance with the rules of arbitration procedure adopted by ICC and in force at the time when such proceedings are commenced. Arbitration shall be conducted in the State of Delaware before one arbitrator appointed in accordance with the ICC Rules. All arbitration shall be conducted in English. The award rendered thereon by the arbitrator shall be final and binding on the parties thereto, and judgement thereon shall be confidential and may be entered in any court of competent jurisdiction. Nothing in this section shall prevent either Party from applying to a court of competent jurisdiction for equitable or injunctive relief. Client may only resolve disputes with Supplier on an individual basis and Client agrees not to bring or participate in any class, consolidated, or representative action against Supplier or any of Supplier’s employees or Affiliates.

    10.13    Third Party Offerings. To the extent that use of the Software or Hosted Services requires use by Client of third party software or services, Supplier makes no representations or warranties regarding such third party offerings. Such third party offerings may be subject to their own terms of service and Client agrees to comply with all such terms of service. 

    Elements of the Software licensed hereunder may contain, be derived from, and/or connect to materials of third party licensors (“Third Party Software”). In addition to the terms of the MSA, such Third Party Software may be subject to additional terms, which, if any, are set forth in the Third Party Software file that is included with the Documentation.

    10.14    Interpretation. The following rules of interpretation must be applied in interpreting this MSA: (i) the section and subsection headings used in this MSA are for reference and convenience only, and will not enter into the interpretation of this MSA, (ii) all references to Sections are to the Sections in this MSA or, as applicable, an Attachment to this MSA, and (iii) as used in this MSA, the term “including” will always be deemed to mean “including without limitation”.

    10.15    Publicity. The parties agree that Supplier may include or otherwise use Client’s name and other identifying information with regard to Client, such as trademarks, trade names and logos, in Supplier’s marketing materials (e.g., for purposes of identifying Client as a customer of Supplier). Any such use will be consistent with Supplier’s practice of identifying customers on Supplier’s marketing materials at the time and other related guidelines.

    10.16    Independent Contractors. In the performance of this MSA, each party is an independent contractor, and the employees, officers and agents of one party will act only in the capacity of representatives of that party and not as employees, officers or agents of the other party.

    10.17    Notice for California Users. Under California Civil Code Section 1789.3, users of the Software and other Supplier solutions from California are entitled to the following specific consumer rights notice: The Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted in writing at 1625 North Market Blvd., Suite N 112, Sacramento, CA 95834, or by telephone at (916) 445-1254 or (800) 952-5210.

    10.18    Security Emergencies. If Supplier reasonably determines that the securities of its Software or infrastructure may be compromised due to hacking attempts, denial of service attacks, or other malicious activities, then, notwithstanding anything to the contrary, Supplier may, without liability to Client, temporarily suspend the Software and related services and Supplier will take action to promptly resolve such security issues.



Subject to the terms and conditions of this MSA, Supplier will endeavor to provide Client with reasonable support services, through telephone, electronic mail or another online mechanism as designated by Supplier between the hours of 8:00 AM and 7:00 PM, U.S. Eastern time, Monday through Friday, excluding U.S. and Supplier holidays, in accordance with Supplier’s standard practice. Supplier will endeavor to respond to submissions for Clients participating in an evaluation period within a reasonable period of time, and to submissions for all other Clients within two business days of receipt.

Service Level Commitment

  • The Hosted Services will be available to Client twenty-four (24) hours per day, seven (7) days per week with a 90% uptime guarantee with 97% availability 9 AM to 5 PM U.S. Eastern time, Monday through Friday (excluding public holidays and scheduled maintenance or upgrade windows).
  • Scheduled maintenance for updates will not apply to the uptime commitment referenced above. Supplier will notify Client of the scheduled maintenance at least forty-eight (48) hours in advance. Supplier will notify Client of scheduled changes not related to maintenance at least forty-eight (48) hours in advance. Maintenance, upgrades and changes typically will be scheduled to occur during times of lower expected system utilization and may include nights and/or weekends.  
  • Emergency changes may occur at any time prudent for the protection of data or to ensure system availability. Should an Emergency change take place, a notification will follow as quickly as practical.  
  • Supplier will coordinate all scheduled routine maintenance in accordance with the Eastern Time Zone. 
  • Supplier shall provide maintenance to all computer systems located at Supplier’s hosting facility including reasonable database maintenance.

Standard Support (included in Subscription)

  • Available Monday through Friday from 8:00 AM to 7:00 PM, U.S. Eastern time
  • Ability to submit tickets and receive response within the published Support Target Response Time (as set forth below) 
  • Access to Supplier’s support portal 

Optional Support provided, only if identified in an Order:

24/7 Support includes everything in Standard Support, plus

  • Available twenty-four (24) hours per day, seven (7) days per week customer local time 

Premier Support includes everything in Standard & 24/7 Support, plus:

  • Access to a Technical Support Specialist upon escalation only 
  • New release updates 
  • Set-up and configuration support 
  • Pre-upgrade analysis and upgrade support 

Premier Support Plus includes everything in Standard, 24/7 & Premier Support, plus:  

  • Monthly support meetings 
  • Bi-yearly system analysis 
  • Accelerated access to managed services consulting 

Priority Management 

Priority 1 (Blocker): an incident that results in a critical business impact for a production system; may be assigned to an incident where a customer experiences (i) a complete or substantial loss of service when using a production system; (ii) real or perceived data loss or data corruption making an essential part of the production system unusable; or (iii) inability to use a mission critical application within a production system. 
Priority 2 (Critical): an incident that results in some business impact; may be assigned to an incident where a customer experiences (i) the functionality of the software is adversely affected, but can be circumvented; (ii) certain functions within the Software are disabled, but the Software remains operable; or (iii) a complete or substantial loss of service when using a development system. 
Priority 3 (Normal): an incident that results in a minimal business impact; may be assigned to an incident where a customer experiences no loss of service and the incident has no significant effect on the usability of the Software. This level is typically used for questions, comments, and suggestions 

Note:  Errors Not Caused by the Software. If Supplier reasonably believes that a problem reported by Client may not be due to an error in the Software, Supplier will so notify Client, and Supplier will not proceed further unless mutually agreed by the parties. 

Support Target Response Times (all business hours)

Priority Standard24/7  PremierPremier Plus 
1 – Blocker < 24 hours< 8 hours< 4 hours < 1 hour 
2 – Critical< 48 hours< 24 hours< 12 hours< 4 hours 
3 – Normal< 72 hours < 48 hours< 24 hours< 8 hours 




Change Management Response Times

If applicable to the Subscription, change management will be handled per the following response times. All timeframes are from confirmation by Supplier of receipt of a Change Management Request by email from Client, or receipt of an order, as applicable:

  • New device onboarding: 10 business day from Order
  • Device replacement with device shipped by Client: 10 business days from Order
  • Device replacement with device purchased by Supplier: 10 business days from Order
  • Installation of IoT (e.g., special router, point of sale): 10 business days from Order and maximum 10 days upon receipt of the IoT from Client
  • New OS upgrade: 2 business days
  • Device error stage recovery: 4 business hours
  • New version system upgrade: 1 business day
  • System new hardware change (add storage, add new device host machine): 5 business days

Method of Communication

Contact information can be found on Supplier’s website. The best way to communicate with is via the support help center ( or via the dedicated email address


  1. Supplier shall perform the Professional Services with reasonable care and skill and pursuant to an applicable Order. Unless specified otherwise in the applicable Order, all Professional Services are performed on a time and materials basis; nothing in the Order may be construed as an obligation of Supplier to deliver a certain result. Generally, fees for Professional Services and other billable activities, including those project implementation and other activities described in Section 4 below, related to time shall be charged based on the time up to the tenth of an hour (with each such hour constituting a “Billable Hour”) expended by individual service providers (e.g., technical consultants, architects, project managers) performing such services and activities at hourly rates (or, as applicable, daily rates) for such service providers, which rates generally are assigned as a function of such service providers’ seniority and experience. These rates are revised from time to time, but normally not more often than annually. From time to time, Supplier may advance or incur certain costs and expenses that will be charged to Client’s account with Supplier. In Supplier’s discretion, Supplier may forward the invoice to Client for direct payment. Otherwise, Supplier will advance the expenses on Client’s behalf and include it on the next statement. Supplier’s fee structure is based on the assumption that all statements will be paid promptly upon receipt and Supplier’s continued performance of Professional Services is, of course, dependent upon timely payment of Supplier’s bills.
  2. Client shall timely provide Supplier with all accesses and clearances and all further assistance Supplier reasonably needs to properly perform the Professional Services. If Client requires any actions and/or information from Supplier in this respect, Client shall timely notify Supplier thereof. Client shall timely provide its security policy, screening policy and travel policy (if any) and Supplier shall perform the Professional Services in compliance with such policies (if any).
  3. Unless specified otherwise in the applicable Order, Client shall reimburse Supplier’s reasonable cost for travel and expenses connected to the performance of the Professional Services insofar as (i) such cost are in compliance with Client’s travel policy; and (ii) Supplier substantiates such cost with receipts. All cost for living and expenses in compliance with Client’s travel policy which have already been incurred by Supplier prior to an early termination of the Order by Client, shall be borne by Client.
  4. It is hereby acknowledged and agreed that Billable Hours may include, but are not limited to, time spent on: (i) project/implementation planning and research; (ii) project implementation activities (e.g., sprint-related and backlog-item activities); (iii) scheduled customer meetings and phone calls; (iv) on-site implementation (billed at daily rates); (v) remote implementation (with dedicated billed at daily rates and as-available billed at hourly rates); (vi) support ticket assistance from the customer success team (e.g., working sessions, how-to issues, best practices discussions); (vii) ongoing discussions and working sessions with a technical consultant (on-site or remote); (viii) design/re-design discussions; (ix) training (e.g., on-site instructor led, remote instructor led or remote self-paced); (x) scheduled upgrade assistance; (xi) extraction and conversion of Client Data to another system (which may occur, in Supplier’s discretion, following Client’s written request and subject to availability of resources); and (xii) any other work specified in individual statements of work that have been agreed upon. Notwithstanding the foregoing, the following activities will be non-billable: (a) initial consultation meeting and emails, communication and correspondence associated therewith in order to set this up; (b) implementation preparation/planning calls; (c) review/discussions on onboarding questionnaires; and (d) support ticket assistance from the Supplier’s technical support team (technical issues).
  5. Client may purchase one-time services from Supplier to configure the certain Software provided to Client by including Client’s name and logo on the splash and login screens. Supplier may include “Powered by” (or a substantially similar statement) on the splash and login screens, but in less prominence than Client’s branding. Included with this customization are enterprise authentication configuration and testing.
  6. Supplier or third parties may provide links or other access to other sites and resources on the Internet. Supplier has no control over such sites and resources and Supplier is not responsible for and does not endorse such sites and resources. Supplier will not be liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any content, events, goods or services available on or through any such site or resource.  Any dealings Client or Users have with third parties found while using Hosted Services or related Software are between Client and such User and the third party, and Client agrees that Supplier is not liable for any loss or claim that Client or such User may have against any such third party.
  7. All rights, titles and interest, including moral rights in intellectual property to or arising from any Professional Services such as analyses, designs, documentation, reports, feedback received (e.g., from any prospective, actual or former client or otherwise), offers, software, and any preparatory material belonging thereto or other materials developed or provided under or related to this MSA shall solely be owned by Supplier or its licensors. Supplier grants to Client a non-exclusive, non-licensable, non-sublicensable, non-transferable right to use the Professional Services, or other materials developed or provided under this MSA during the applicable Subscription term and solely in connection with the Software, subject to the restrictions as specified in this MSA, to be used only for Client’s internal business purposes, provided all agreed fees have been paid by Client. Any other use of the Professional Services is strictly prohibited. Nothing contained in this MSA shall be construed as conferring, by implication, estoppel or otherwise, any license or other right except when licenses and rights are expressly granted in this MSA. Any other use, including by way of resale, renting, outsourcing, leasing or otherwise is prohibited.
  8. To the extent Supplier provides Professional Services to Client, unless otherwise specifically provided in an Order, (a) Supplier shall own all right, title and interest in and to any and all inventions (whether or not patentable), works of authorship, software, deliverables, and other materials (collectively, “Work Product”) that are conceived, created, invented, developed, or reduced to practice by Supplier, solely or jointly with Client or others, in connection with the performance of the Order, and any and all related intellectual property rights, (b) to the extent Client may have or acquire any interest in such Work Product, Client hereby assigns, and agrees to assign to Supplier, all such interest, including any and all related intellectual property rights, and (c) Client shall have a non-exclusive, royalty-free, non-transferable, non-sublicensable, worldwide license to use such Work Product solely in connection with the provsions of the Professional Services as contemplated by the MSA and/or Order.
  9. During the term of the applicable Order, Client grants to Supplier a temporary, limited, non-exclusive license to use, reproduce, and modify its computer programs, code, or other materials in the form provided to Supplier during the term of that Order, solely for purposes of performing the Professional Services and producing Work Product under that Order.




  1. Defined Terms.

    1.1    “Application” shall mean Client’s software application, consisting of a standalone executable program identified by name, listed on the applicable Order. Client may have one or more Applications that each requires an Application Development License.

    1.2    “Application Development License” means the right of a Client to use the Arxan Software pursuant to the license grant set forth in Section 2.1 of this Exhibit A and the terms and conditions of the MSA. 

    1.3    “Application Production License” is the license granted to Client pursuant to Section 2.2 of this Exhibit A, to use Arxan Software to protect and distribute protections within a specific application. 

    1.4    “Arxan Software” means (i) the computer programming code, Guard Libraries, Tools, and accompanying Documentation, including patches, updates or upgrades (if any), provided by Supplier under the MSA, and (ii) all permitted modifications thereto and full or partial copies thereof, whether such modifications or copies are provided by Supplier, derivative works by Supplier or Client, or a third party.  

    1.5    “Development Location” means the specific address of each Client site or facility where the Arxan Software is installed and used or accessed from, as specified in an Order and approved by Supplier.

    1.6    “End User” means any entity to which Client provides a Target Application for further distribution or such entity’s own use, pursuant to an End User License Agreement.

    1.7    “End User License Agreement” means a written license agreement in a commercially reasonable form, pursuant to which Client may sublicense to Client’s End Users the Run-Time Modules that are incorporated into a Target Application. 

    1.8    “Guard Libraries” means a collection of the Object Code software modules delivered in an object library form and containing Supplier’s protection technology known as “Guards.” 

    1.9    “Object Code” means computer programming code in the form not readily perceivable by humans and suitable for machine execution without the intervening steps of interpretation or compilation.

    1.10    “Run-Time Module” means components of Supplier’s protection technology solely in Object Code form, to be incorporated into a Target Application as inseparably incorporated code.

    1.11    “Source Code” means computer programming code in human readable form that is not suitable for machine execution without the intervening steps of interpretation or compilation.

    1.12    “Target Application” means an item, computer code, software, device or system developed by Client that contains a Run-Time Module(s) or any portion thereof.

    1.13    “Threat Event” means a message from a deployed Target Application containing anonymized threat related data from the End User.

    1.14    “Threat Analytics” means the services provided by Supplier to measure, monitor and report on Threat Events.

    1.15    “Tools” means the programs and object code provided by Supplier under this Exhibit A that are intended for Client’s internal use in developing applications and not for incorporation into Target Applications or for distribution.
  2. License Grants.

    2.1    Application Development License. Subject to Client’s compliance with the terms and conditions of the MSA, including payment of any applicable fees, Supplier hereby grants to Client, for the term of the applicable Order, a restricted, personal, non-transferable, non-exclusive, revocable (in the event of breach), non-sublicensable, internal-use License to install the Arxan Software, solely for the number of licensed Applications listed in the applicable Order, and on platforms specified in such Order as licensed for such Arxan Software and located at each Development Location listed in the Order, solely to prepare to introduce the applicable Applications into production use pursuant to Section 2.2 of this Exhibit A.  

    2.2    Production License. Subject to Client’s compliance with the terms and conditions of the MSA, including payment of any applicable fees, Supplier hereby grants to Client, for the term of the applicable Order, a restricted, personal, non-transferable, non-exclusive, revocable (in the event of breach), non-sublicensable (other than as set forth in this Section 2.2), fee-bearing license (unless specifically noted otherwise): (i) to reproduce the number of copies of the Run-Time Modules authorized in the Order, solely in Object Code; and (ii) to distribute such copies of the Run-Time Modules to End Users worldwide solely as inseparably embedded content in the Target Application, subject to an End User License Agreement.

    2.3    Beta Software License. The parties may mutually agree in writing that Supplier will provide to Client certain Arxan Software that has not been generally released by Supplier for commercial use (the “Beta Software”), for evaluation by Client. In any such case, subject to Client’s compliance with the terms and conditions of the MSA, Supplier hereby grants to Client a restricted, personal, non-transferable, non-exclusive, revocable, non-sublicensable license to use the Beta Software solely for purposes of testing and evaluation.  Unless otherwise agreed upon in writing, such license granted by Arxan herein will commence on the date on which Arxan makes the Beta Software available to Client and continue for a period of sixty (60) days.  Arxan will be entitled to revoke or terminate the license granted hereunder at any time for any reason or no reason by without notice thereof. Upon any revocation or termination of the license by Arxan, Client shall immediately cease using the Beta Software.
  3. Additional Terms. 

    3.1    Third Party Target Application Approval.  Supplier is not responsible for the acceptance or rejection of Client’s Target Application, which could be subject to third party approval. (e.g., Apple Inc.’s App Store for iOS).  

    3.2    End User License Agreements.  Client shall take all steps necessary to protect Supplier’s and its licensors’ proprietary rights in the Run-Time Modules and to ensure that each Run-Time Module distributed by Client will be accompanied by a localized copy of an End User License Agreement.  Such End User License Agreement shall prohibit the End User from: (i) copying the Target Application containing the Run-Time Modules, except for archive purposes consistent with the End User’s archive procedures; (ii) transferring the Run-Time Modules to a third party apart from the Target Application; (iii) modifying, decompiling, disassembling, reverse engineering or otherwise attempting to derive the Source Code of the Target Application containing the Run-Time Modules; (iv) exporting the Target Application containing the Run-Time Modules or underlying technology in contravention of applicable U.S. and foreign export laws and regulations; and (v) using the Run-Time Modules other than in connection with operation of the Target Application.

    3.3    Ownership.  Notwithstanding the foregoing, Supplier and its licensors shall exclusively own all worldwide intellectual property rights in and to the Arxan Software.  All rights not expressly granted to Client in the MSA are expressly reserved for Supplier and its licensors. Nothing herein transfers to Client or any other entity or person any right, title or ownership interest in any Software other than the rights and licenses granted Client in the MSA and Sections 2.1 and 2.2 of this Exhibit A.  As between Client and Supplier, Client shall exclusively own all worldwide intellectual property rights in and to the Application(s) and Target Application(s), including all derivative works of the Target Application created through the incorporation of the Run-Time Module therein; provided that ownership of such derivative works shall be subject to Supplier’s ownership in the Run-Time Module.

    3.4    Beta Software Feedback.  Client agrees to cooperate and consult with Supplier in its evaluation of Beta Software, including Customer’s evaluation of and feedback on its features, performance, functionality and useability.  Client will provide oral or written feedback on Beta Software to Supplier at Supplier’s request. Client hereby assigns and will assign to Supplier all rights and title in such evaluations and feedback and all intellectual property rights in or relating to evaluations and feedback.  Client will provide Supplier with access to its computers to observe Client’s use and evaluation of Beta Software, upon Supplier’s request. 

    3.5    Use On-Site.  The Arxan Software may be used only at Client’s premises and only by Customer’s employees and independent contractors at such premises.  In each case the Arxan Software may only be used by independent contractors and employees who (a) have a need to know for the purposes of integrating Arxan Software into Client’s Application and are under a suitable written non-disclosure agreement that does not permit disclosure or use except as permitted under the MSA; and (c) are engaged on a basis such that, as between Client and such persons or entities performing the services, Client is the sole and exclusive owner of all applicable intellectual property rights, confidential information and material arising from their works.  Client is liable for any breach of the MSA or this Exhibit A by any independent contractor and/or employee of Client.

    3.6    Penetration Testing.  Supplier authorizes Client to conduct a penetration test of security vulnerabilities in the Target Application that incorporates the Run Time Modules (“Pen Test”), which may be conducted either directly by Client or by a third party engaged by Client.  Client shall notify Supplier in writing of any third party it selects for the Pen Test. Client shall be responsible for any third party fees for the Pen Test.  Supplier will receive a copy of the Pen Test results, which shall be deemed the Confidential Information of Supplier. 

    3.7    Consequences of Expiration or Termination.  Upon expiration or termination of the MSA, Client shall: (a) not use the Arxan Software for any purpose whatsoever; (b) immediately destroy or return to Supplier all material belonging to Supplier or its licensors, including without limitation all Arxan Software, Run-Time Modules and Supplier Confidential Information then in Client’s possession; (c) cease the reproduction and distribution of the Run-Time Modules (except as provided below); and (d) shall promptly certify to Supplier that Client has done so. Notwithstanding the foregoing, Customer may retain one (1) copy of the Run-Time Modules to support existing End Users provided that Client is then current with payments due to Supplier.  Solely in the event of a termination of the MSA for Supplier’s material breach, Client shall, for a period not to exceed sixty (60) days after the effective date of termination, have the right to sell, pursuant to the terms of the MSA and this Exhibit A, any remaining Target Applications which were in Client’s inventory as of the effective date of the termination, provided however, that if part of Client’s compensation of Arxan hereunder is to pay Supplier a fee based on the number of Target Application units licensed by Client to its customers (a “Per Unit Fee”), this right of Client to license such additional Target Application units shall be subject to Client paying Supplier all Per Unit Fees applicable thereto.  These remedies shall be cumulative and in addition to any other remedies available to Supplier. 

    3.8    Reporting.  Supplier reserves the right, and Client authorizes Supplier, to remotely gather data on usage of the Arxan Software, including license key numbers, IP addresses or other applicable device identifier (including MAC address or unique device identifier (UDID)), and other relevant information, for billing purposes and to ensure that the Arxan Software is being used in accordance with the terms of the MSA.  Supplier reserves the right to remedy violations of any of the terms of the MSA and this Exhibit A immediately upon discovery, by charging the then current list price of for the rights being exercised to the payment instrument used to make the original, authorized purchase, or by any other means necessary, including remotely disabling the Arxan Software. Unless otherwise agreed upon, Client agrees that the server(s) on which the Arxan Software will be installed will be connected at all times to the Internet and not to block, electronically or otherwise, the transmission of data required for compliance with the MSA and this Exhibit A. Any blocking of data required for compliance under the MSA is a material breach of the MSA. 

    3.9    License Management.  The Arxan Software contains license management functionality that enforces the limitations of the applicable licenses and may cause the Arxan Software to cease operating upon expiration or termination of the license. Client shall not circumvent, or attempt to circumvent, any license management, security devices, access logs, or other measures provided in connection with the Arxan Software, or permit or assist any User or any third party to do the same.  Client must follow the recommended installation procedures for each Arxan Software product licensed under the MSA.  Client’s failure to follow the recommended installation procedures is a breach of the MSA.  It is Client’s responsibility to contact Supplier regarding any potential expiration that Client deems inappropriate. Supplier shall not liable for any damages or costs incurred in connection with expired licenses.

    3.10    Consent to End User Collected Data.  Client agrees that Supplier may collect and use technical data and related information (including, but not limited to, technical information about Client’s devices, server, system and application software, and peripherals, and device fingerprints) that is gathered periodically to facilitate the provision of software updates, product support, and other services to Client (if any) related to the Arxan Software and to monitor compliance with and determine billing under the MSA and this Exhibit A.

    3.11    Utilizing Threat Analytics Service. If Client is processing and utilizing Threat Analytics in-house, and on premise within their Development Location, Client shall provide all data processed to Supplier no later than a week after the Threat Event has been decrypted.

    3.12    Threat Events Data Retention Supplier reserves the right, and Client authorizes Supplier, to purge collected Threat Events thirty (30) days after such data has been received, and in such a manner that the data may be irretrievable. Client agrees that processing, utilization and storage of Threat Events may be limited to a certain amount agreed to by the parties.

    3.13    Applicable Laws; Hosting. Client represents and warrants that Client and its End Users’ use of the Arxan Software and/or distribution of any Target Application shall comply with all applicable laws and regulations. Client shall independently determine whether use of the Arxan Software and/or distribution of any Target Application are suitable in light of applicable laws and regulations, including, without limitation, GLBA, HIPAA, and GDPR. Client acknowledges that Supplier shall have no liability in the event that Client utilizes the Arxan Software and/or distributes a Target Application that does not meet the requirements of such applicable laws. If Client or any End User is located in the European Economic Area, Client represents and warrants that it shall obtain all appropriate consents, make all necessary disclosures, and otherwise conform to all applicable laws of the EEA related to any End Users’ personal data collected or otherwise processed by the Software and/or a Target Application. 

    3.14    Records; Production Notice; License Reports.  Client shall maintain complete, current and accurate records of the location of each copy of the Arxan Software in Client’s possession for at least five (5) years from the delivery of the Arxan Software. Furthermore, Client shall maintain the location of all Users thereof, the number of all Users of the Application Development Licenses, and the number, date, and recipient of all Run-Time Module copies made and distributed by or for Client under the MSA.


    3.16    Client Indemnity.  Client will defend at its expense, indemnify, and hold harmless Supplier from and against any losses, costs or damages resulting from or in connection with any claims filed by third parties resulting from or in connection with the use, manufacture, or distribution of Target Applications by Client and Client’s direct and indirect End Users in any country, provided that Supplier gives Client prompt written notice of any such claim, tenders to Client the defense or settlement of any such claim at Client’s expense, and cooperates with Client, at Client’s expense, in defending or settling such claim.  This indemnification obligation shall not apply to infringement actions or claims if such actions or claims are based solely on the use of the Arxan Software in the form provided by Supplier. 

    3.17    No Open-License.  Client understands and agrees that the Arxan Software and license granted pursuant to this Exhibit A by Supplier are provided under strict proprietary licensing terms, and are not subject to nor compatible with open-license or public license agreements such as the GNU Public License (GPL).  Under no circumstances is the source code for any Arxan Software to be provided to the Client, any third party, or sub-licensee of the Client.  Client agrees not to apply Arxan Software to Applications containing GPL (or LGPL or any similar open-source license) software that requires the source code be provided to recipients of binaries derived from such licensed software, or which requires such processing tools such as Arxan Software to be made available to recipients of such binaries.  Client hereby indemnifies Supplier and agrees that under no circumstances will Supplier be liable to provide source code of Arxan Software as defined herein, nor is Client authorized or licensed to distribute Supplier Tools, in the event of any inadvertent distribution of software licensed as GPL or LGPL or any similar open-source license type that has been processed by Supplier Tools or incorporates any Supplier proprietary run-time software. Software Master Subscription Agreement v1 
Last Updated August 2020




Contact Us